[
https://issues.apache.org/jira/browse/KNOX-3077?focusedWorklogId=948092&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-948092
]
ASF GitHub Bot logged work on KNOX-3077:
----------------------------------------
Author: ASF GitHub Bot
Created on: 12/Dec/24 19:19
Start Date: 12/Dec/24 19:19
Worklog Time Spent: 10m
Work Description: smolnar82 commented on code in PR #972:
URL: https://github.com/apache/knox/pull/972#discussion_r1882749429
##########
gateway-provider-security-pac4j/src/main/java/org/apache/knox/gateway/pac4j/filter/Pac4jDispatcherFilter.java:
##########
@@ -122,6 +122,12 @@ public class Pac4jDispatcherFilter implements Filter,
SessionInvalidator {
private static final String PAC4J_OIDC_TYPE = "oidc.type";
+ /* property for specifying pac4j cookies ttl */
+ public static final String PAC4J_COOKIE_MAX_AGE = "pac4j.cookie.max.age";
+
+ /* default value is same is KNOXSSO token ttl default */
+ public static final int PAC4J_COOKIE_MAX_AGE_DEFAULT = -1;
Review Comment:
This could - should - be `private` (not used anywhere outside of this class)
and `String` instead of `int` (i.e. `"-1"`, to avoid unnecessary conversion
below)
Issue Time Tracking
-------------------
Worklog Id: (was: 948092)
Time Spent: 20m (was: 10m)
> Knox UI session timeout does not work with pac4j
> ------------------------------------------------
>
> Key: KNOX-3077
> URL: https://issues.apache.org/jira/browse/KNOX-3077
> Project: Apache Knox
> Issue Type: Bug
> Components: KnoxSSO
> Reporter: Sandeep More
> Assignee: Sandeep More
> Priority: Major
> Time Spent: 20m
> Remaining Estimate: 0h
>
> KnoxSSO is expired and works as expected but pac4j profile cookies do not.
> pac4j provider is getting used which is causing the following behavior.
> 1. Knox expires the cookies
> 2. The UI redirects to login using the pac4j auth.
> 3. pac4j finds the pac4j cookies (like profile cookie) that are not expired
> and Knox logs back again.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
